I've had great luck with VoIP and pfSense.
To be clear, there's no such thing as 'real' end-to-end guarantee of
quality of service unless you're talking about MPLS or similar
technologies. What you want is called 'traffic shaping'
For ordinary people with ordinary connections, the idea is as follows:
PART 1 -
"Starve the pipe!"
You must utilize your internet connection below its maximum 'guaranteed'
throughput, otherwise you will have no control over the upstream buffers
(see buffer bloat), and your real-time application, VoIP or otherwise
will suffer. In VoIP, that means that packets will either not arrive,
or arrive so late as to exceed the VoIP UA's jitter buffer, and will
result in subjective quality factors, technically referred to as "Shitty
quality" (Drops, stutters, etc).
PART 2 -
Prioritize your real-time packets!
Now that your pipe is VERY SLIGHTLY underutilized, you have left
yourself the ability to instantly insert the VERY NEXT VoIP packet into
your data stream if one should happen to arrive (the very NEXT VoIP
packet is the one you have to be preemptively ready for). When that
packet arrives, the 'shaper' immediately adjusts TX/RX rates to CONTINUE
to keep the pipe slightly underutilized. This is why you need to know
your up/downstream speeds to configure your traffic shaper. All of the
NON real-time stuff can be put 'in line'. All of that lower-priority
stuff essentially must 'wait in line' to get IN or OUT, at that magic
rate JUST UNDER the maximum rate to keep the pipe CONSTANTLY SLIGHTLY
UNDERUTILIZED. Naturally VoIP packets gets to go to the front of the
line in inbound or outbound queue.
That's pretty much it. The 'starve the pipe' business is why it's not as
simple as "Simply prioritizing Voip"
PFSense makes it quite simple however. Just measure your link speed at
something like speedtest.speakeasy.net. Walk through the "traffic
shaper wizard" specifiying that VoIP gets top priority, whether that's
the internal IP address (or alias) of your VoIP ATA, Astrisk server or
VoIP telephone.
Good luck
-Karl
On 6/2/2011 4:03 PM, Adam Thompson wrote:
I’m trying to make sure VoIP has the best possible quality for a small
amount of effort.
I still don’t understand QoS, even the wizard is baffling to me – for
whatever reason QoS is a layer my brain just doesn’t want to accept.
What I’ve done in the past on other firewalls is a trivial “priority”
setting: without configuring any queues, buckets, shapers, etc., I would
simply create a rule matching SIP traffic (either by port, by
NBAR-ish/L7 application or by IP address) and set the “priority” to
“high”. I really have no idea what that does under the hood, whether on
FortiNet, Cisco, or PaloAlto.
Is there anything that simple that I can do under pfSense?
Thanks,
-Adam Thompson
[email protected] <mailto:[email protected]>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
